Microsoft waxa ay hadda kuu suurtogelisay in aad ku darto ka-hortagga Barnaamijyada Aan La rabin ee suurtogalka ah (PUPs)^{(Potentially Unwanted Programs (PUPs))} ama Codsiyada^{(Applications)} Aan La rabin ( PUA ) ee Difaaca Windows ^{(Windows Defender)}10^{(Windows 10)} . Waxaad u baahan tahay inaad wax ka beddesho Siyaasadda Kooxda^{(Group Policy)} , Diiwaanka^(Registry) ama isticmaal PowerShell .

Habkan waxaa ku dhawaaqay Microsoft oo keliya isticmaalayaasha ganacsiga^(Enterprise) , laakiin wax yar oo shaqo ah, waxaad ka dhigi kartaa inay ku shaqeyso adiga Windows 10/8/7 PC-yada sidoo kale.

The Potentially Unwanted Application protection feature is available only for enterprise customers. If you are already one of Microsoft’s existing enterprise customers, you need to opt-in to enable and use PUA protection. PUA protection updates are included as part of the existing definition updates and cloud protection for Microsoft’s enterprise customers, says Microsoft.

Codsiga aan la rabin ee suurtagalka^{(Potential Unwanted Application)} ah ( PUA ) ama PUPs waa kala saarid khatar ah oo ku salaysan sumcadda iyo aqoonsiga cilmi-baaristu waddo. Waxay caadi ahaan yihiin Crapware ama Bundleware , iyo softiweerka noocaas ah oo aadan runtii rabin nidaamkaaga, kaasoo laga yaabo inuu sameeyo waxyeello ka badan tan wanaagsan. Waxaad naftaada ka ilaalin kartaa PUA ama PUP^(PUPs) -yada adiga oo geynaya siyaasada lidka ku ah malware. Dejinta siyaasadda ilaalinta waa la dami waayey si caadi ah.

Akhri: ^(Read:) Windows 10 waxay xannibi doontaa Software-ka aan la rabin iyadoo loo eegayo shuruudahan .

Daar Ilaalinta Barnaamijyada Aan La rabin ee suurtogalka ah^{(Potentially Unwanted Programs Protection)} gudaha Windows 10

Ka dhig difaac Windows xannibay Barnaamijyada aan la rabin

Si tan loo sameeyo, waa inaad wax ka beddeshaa Diiwaanka Windows^{(Windows Registry)} . Furaha diiwaanku wuu kala duwan yahay si waafaqsan nooca alaabtaada, waana ka duwan yahay Nidaamka Xarunta Dhamaadka Ilaalinta^{(System Center Endpoint Protection)} , Ilaalinta^{(Forefront Endpoint Protection)} Goobta Hore ee Dhamaadka , Aasaaska Amniga Microsoft^{(Microsoft Security Essentials)} ama Difaaca Windows^{(Windows Defender)} , sida ku cad sawirka kore.

Ilaalinta PUA^(PUA) waxay karantiili doontaa faylka PUP waxayna ka ilaalin doontaa inay shaqeeyaan haddii ay buuxiso mid ka mid ah shuruudaha soo socda:

Faylka waxaa laga sawirayaa browserka
Faylku waxa uu leeyahay Calaamadda Shabakadda
Faylku waxa uu ku jiraa %Downloads% folder
Ama haddii faylka ku jira %temp% galka.

Kahor intaadan bilaabin, waa inaad ogaataa taas Windows 10 hadda waxay kuu ogolaaneysaa inaad curyaamiso ama aad awood u yeelato kahortaga codsiyada suurtagalka ah ee aan la rabin^{(enable protection against Potentially Unwanted Applications)} (PUA) adoo isticmaalaya Windows Security .

Isticmaalka Siyaasadda Kooxda

Fur gpedit.msc oo u gudub goobta soo socota:
^(Computer)Qaabeynta kombiyuutarka > Administrative _ _^(Windows) _ _^{(Windows Defender Antivirus)} _
Laba-guji Isku-dubbari^{(Double-click Configure)} ilaalinta codsiyada suurtagalka ah ee aan loo baahnayn.
Dooro^(Select) La Dajiyay si aad awood ugu yeelato ilaalinta PUA .
Xulashada, dooro Block si aad u xannibto codsiyada suurtagalka ah ee aan la rabin^{(Block to block potentially unwanted applications)} , ama dooro Qaabka Hantidhawrka^{(Audit Mode)} si aad u tijaabiso sida goobtu uga shaqayn doonto deegaankaaga.
Dooro OK.

Dib u bilow nidaamkaaga

Isticmaalka Diiwaanka

Si aad Windows Defender kaaga ilaaliso Barnaamijyada^(Programs) aan la rabin , Ku^(Run) wad regedit si aad u furto Diiwaanka Diiwaanka^{(Registry Editor)} oo u gudub furaha soo socda:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender

Daar Ilaalinta Barnaamijyada Aan La rabin (PUP) ee Difaaca Windows

Halkan, midig-guji Difaaca Windows^{(Windows Defender)} oo dooro New > Key > NameMagaca^(MpEngine) MpEngine .

Hadda midig-guji MpEngine oo dooro New > DWORD (32-bit) Value > NameMpEnablePus oo sii qiime 1 .

Iyada oo qiimihiisu yahay 0 kaas oo ah mid aan la rabin, Ilaalinta Codsiga^{(Application)} aan la rabin ee suurtogalka ah waa naafo
Iyada oo qiimihiisu yahay 1 Badbaadinta Codsiga aan la rabin^{(Potentially Unwanted Application)} waa la dajiyay. Codsiyada leh dabeecad aan la rabin waa la xannibi doonaa marka la soo dejiyo iyo wakhtiga rakibaadda.

Dib u bilaw kombayutarkaga Windows

Isticmaalka PowerShell

Waxa kale oo aad isticmaali kartaa PowerShell cmdlet si aad u habayso habka ilaalinta PUA . Adeegso amarka soo socda:

Set-MpPreference -PUAProtection <PUAProtectionType>

Ikhtiyaarada <PUAprotectionType>:

U deji qiimaha cmdlet-kan si uu u daaro sifada^(Enabled) .
U deji AuditMode si loo ogaado oo kaliya balse aan loo xannibin PUAs^(PUAs) .
U deji Naafo^(Disabled) si aad u damiso ilaalinta PUA,

Gudaha Windows 10 , sanduuqa wada hadalka ee soo socda ayaa la soo bandhigi doonaa, marka faylka PUP la xannibo:

PUA_helid

Haddii aad rabto inaad hubiso in sifada PUA ay karti u yeelatay^{(make sure the PUA feature has been enabled)} oo ay si sax ah u shaqaynayso, waxaad booqan kartaa amtso.org dhagsii isku xirka faylka tijaabada ah ee suurtogalka ah ee aan la rabin^{(Download the Potentially Unwanted Application test file)} , oo hubi haddii si toos ah looga xannibay in la soo dejiyo ama la ordo.

Waxaad maamuli kartaa walxaha karantiilka^{(manage Quarantined items)} oo aad ka saari kartaa ama soo celin kartaa faylalka karantiilka gudaha Windows Defender^{(remove or restore files from Quarantine in Windows Defender)} .

TALO^(TIP) : Haddii aad u malaynayso in barnaamij aad samaysay si khalad ah loogu aqoonsaday PUA^{(wrongfully identified as PUA)} , waxaad ku soo gudbin kartaa faylka halkan^(here) .

Akhriska la xidhiidha^{(Related read)} : Ka yeel ilaalinta arjiga suurtogalka ah ee aan la rabin (PUA) gudaha browserka Edge^{(Enable Potentially Unwanted Application (PUA) protection in Edge browser)} .

Maqaalkani waxa uu tusinayaa sida aad u adkayn karto ilaalinta Windows Defender ilaa heerarka ugu sarreeya^{(harden Windows Defender protection to the highest levels)} ee Windows 10 adiga oo beddelaya dhawr dejin oo Siyaasadda Kooxda.^{(This post shows how you can harden Windows Defender protection to the highest levels on Windows 10 by changing a few Group Policy settings.)}

Turn On Potentially Unwanted Program Protection: GPO, Regedit, PowerShell

Microsoft has now mаde it posѕible for you to add protection againѕt Potentially Unwanted Programs (PUPs) or Potentially Unwanted Applications (PUA) to your Windows Defender on Windows 10. You need to edit the Group Policy, Registry or use PowerShell.

This feature has been announced by Microsoft exclusively for Enterprise users only, but with a little bit of work, you can make it work on your Windows 10/8/7 PCs too.

The Potentially Unwanted Application protection feature is available only for enterprise customers. If you are already one of Microsoft’s existing enterprise customers, you need to opt-in to enable and use PUA protection. PUA protection updates are included as part of the existing definition updates and cloud protection for Microsoft’s enterprise customers, says Microsoft.

Potential Unwanted Application (PUA) or PUPs is a threat classification based on reputation and research-driven identification. They are typically Crapware or Bundleware, and such software that you really do not want on your system, and which could potentially do more harm than good. You can protect yourself from PUA or PUPs by deploying an antimalware policy. This protection policy setting is disabled by default.

Read: Windows 10 will block Unwanted Software based on these criteria.

Turn On Potentially Unwanted Programs Protection in Windows 10

Make Windows Defender block Potentially Unwanted Programs

To do this, you will have to modify the Windows Registry. The registry key varies according to your product version, and is different for System Center Endpoint Protection, Forefront Endpoint Protection, Microsoft Security Essentials or Windows Defender, as shown in the above image.

PUA protection will quarantine the PUP file and prevent them from running if it meets one of the following conditions:

The file is being scanned from the browser
The file has Mark of the Web set
The file is in the %downloads% folder
Or if the file in the %temp% folder.

Before you begin, you should know that Windows 10 now allows you to disable or enable protection against Potentially Unwanted Applications (PUA) using Windows Security.

Using Group Policy

Open gpedit.msc and navigate to the following setting:
Computer configuration > Administrative templates > Windows components > Windows Defender Antivirus.
Double-click Configure protection for potentially unwanted applications.
Select Enabled to enable PUA protection.
In Options, select Block to block potentially unwanted applications, or select Audit Mode to test how the setting will work in your environment.
Select OK.

Restart your system.

Using Registry

To make Windows Defender protect you against Potentially Unwanted Programs, Run regedit to open the Registry Editor and navigate to the following key:

HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender

Turn On Potentially Unwanted Programs (PUP) Protection in Windows Defender

Here, right-click on Windows Defender and select New > Key > Name it MpEngine.

Now right-click on MpEngine and select New > DWORD (32-bit) Value > Name it MpEnablePus and give it a value 1.

With a value of 0 which is the default, Potentially Unwanted Application protection is disabled
With a value of 1 Potentially Unwanted Application protection is enabled. The applications with unwanted behavior will be blocked at download and install-time.

Restart your Windows computer.

Using PowerShell

You can also use a PowerShell cmdlet to configure the PUA protection feature. Use the following command:

Set-MpPreference -PUAProtection <PUAProtectionType>

Options for <PUAProtectionType>:

Set the value for this cmdlet to Enabled to turn the feature on.
Set it to AuditMode to only detect but not block the PUAs.
Set it to Disabled to turn off PUA protection,

In Windows 10, the following dialog box will be displayed, when a PUP file is blocked:

PUA_detection

If you wish to make sure the PUA feature has been enabled and is working properly, you may visit amtso.org click on the Download the Potentially Unwanted Application test file link, and check if it is automatically blocked from being downloaded or run.

You can manage Quarantined items and remove or restore files from Quarantine in Windows Defender.

TIP: If you think that a program developed by you has been wrongfully identified as PUA, you can submit the file here.

This post shows how you can harden Windows Defender protection to the highest levels on Windows 10 by changing a few Group Policy settings.

Mark Kim

About the author

Waxaan ahay injineer software iyo sahamiye. Waxaan khibrad u leeyahay labada Microsoft Xbox 360 iyo Google Explorer. Waxaan awoodaa inaan bixiyo talooyinka khabiirada ee qalabyada horumarinta software-ka qaarkood, iyo sidoo kale inaan caawiyo dadka inay cilad-saaraan khaladaadka Explorer ee caadiga ah.

Daar Ilaalinta Barnaamijka aan la rabin: GPO, Regedit, PowerShell

Daar Ilaalinta Barnaamijyada Aan La rabin ee suurtogalka ah^{(Potentially Unwanted Programs Protection)} gudaha Windows 10

Isticmaalka Siyaasadda Kooxda

Isticmaalka Diiwaanka

Isticmaalka PowerShell

Turn On Potentially Unwanted Program Protection: GPO, Regedit, PowerShell

Turn On Potentially Unwanted Programs Protection in Windows 10

Using Group Policy

Using Registry

Using PowerShell

Mark Kim

About the author

Related posts

Daar ama dami Ilaalinta Tamper-ka adigoo isticmaalaya Intune, REGEDIT, UI

Daar oo ku habbee Ilaalinta Ransomware ee Difaaca Windows

U oggolow ilaalinta codsiyada suurtagalka ah ee aan la rabin gudaha Windows 11/10

Habbee gelitaanka galka la xakameeyey adoo isticmaalaya Siyaasadda Kooxda & PowerShell

Sida loogu daro ama looga saaro abka gudaha Ka faa'iidaysiga Ilaalinta ee Windows 10

Difaaca Windows si toos ah uguma cusbooneysiin gudaha Windows 11/10

Difaaca Daaqadaha ayaa si isdaba joog ah u aqoonsada khatar la mid ah xitaa ka saarista ka dib

Maamul Walxaha La karantiilay, Ka Reebka Daafaca Windows

Waa maxay Ka-hortagga Virus-ka iyo Hanjabaada ee Daaqadaha? Sidee loo qariyaa?

Hagaaji qaladka Difaaca Microsoft 0x80073b01 gudaha Windows 11/10

Sida loogu daro Faylka ama Nidaamka Ka Saarida Amniga Windows

Sida loo nadiifiyo Taariikhda Ilaalinta Difaaca Windows gudaha Windows 10

Kordhinta Codsiga Difaaca Windows ee Chrome & Firefox

Hagaaji qaladka Difaaca Microsoft 0x80004004 gudaha Windows 11/10

Waa maxay Google Advanced Protection Program?

Xaggee lagu kaydiyaa diiwaannada iskaanka khadka-la'aanta ee Difaaca Windows?

Waa maxay Ilaalinta socodka socodka ee Windows 10 - Sida loo damiyo ama loo damiyo

Sida galka looga saaro iskaanka difaaca Windows gudaha Windows 11/10

Hagaaji koodka qaladka Difaaca Windows 0x8050800c gudaha Windows 11/10

Difaaca Daaqadaha waa dansan yahay ama ma shaqaynayo

Daar Ilaalinta Barnaamijka aan la rabin: GPO, Regedit, PowerShell

Daar Ilaalinta Barnaamijyada Aan La rabin ee suurtogalka ah(Potentially Unwanted Programs Protection) gudaha Windows 10

Isticmaalka Siyaasadda Kooxda

Isticmaalka Diiwaanka

Isticmaalka PowerShell

Turn On Potentially Unwanted Program Protection: GPO, Regedit, PowerShell

Turn On Potentially Unwanted Programs Protection in Windows 10

Using Group Policy

Using Registry

Using PowerShell

Mark Kim

About the author

Related posts

Daar ama dami Ilaalinta Tamper-ka adigoo isticmaalaya Intune, REGEDIT, UI

Daar oo ku habbee Ilaalinta Ransomware ee Difaaca Windows

U oggolow ilaalinta codsiyada suurtagalka ah ee aan la rabin gudaha Windows 11/10

Habbee gelitaanka galka la xakameeyey adoo isticmaalaya Siyaasadda Kooxda & PowerShell

Sida loogu daro ama looga saaro abka gudaha Ka faa'iidaysiga Ilaalinta ee Windows 10

Difaaca Windows si toos ah uguma cusbooneysiin gudaha Windows 11/10

Difaaca Daaqadaha ayaa si isdaba joog ah u aqoonsada khatar la mid ah xitaa ka saarista ka dib

Maamul Walxaha La karantiilay, Ka Reebka Daafaca Windows

Waa maxay Ka-hortagga Virus-ka iyo Hanjabaada ee Daaqadaha? Sidee loo qariyaa?

Hagaaji qaladka Difaaca Microsoft 0x80073b01 gudaha Windows 11/10

Sida loogu daro Faylka ama Nidaamka Ka Saarida Amniga Windows

Sida loo nadiifiyo Taariikhda Ilaalinta Difaaca Windows gudaha Windows 10

Kordhinta Codsiga Difaaca Windows ee Chrome & Firefox

Hagaaji qaladka Difaaca Microsoft 0x80004004 gudaha Windows 11/10

Waa maxay Google Advanced Protection Program?

Xaggee lagu kaydiyaa diiwaannada iskaanka khadka-la'aanta ee Difaaca Windows?

Waa maxay Ilaalinta socodka socodka ee Windows 10 - Sida loo damiyo ama loo damiyo

Sida galka looga saaro iskaanka difaaca Windows gudaha Windows 11/10

Hagaaji koodka qaladka Difaaca Windows 0x8050800c gudaha Windows 11/10

Difaaca Daaqadaha waa dansan yahay ama ma shaqaynayo

Daar Ilaalinta Barnaamijyada Aan La rabin ee suurtogalka ah^{(Potentially Unwanted Programs Protection)} gudaha Windows 10